Customer Workshop - RFQX Security Architecture Package

Workshop Execution Pack

Customer Clarification Workshop Execution Pack

Workshop Objective

Run a structured clarification workshop that confirms or rejects RFQX assumptions, closes product/security architecture uncertainties, and captures customer decisions without converting unanswered questions into requirements.

Required Participants

OEM product owner
OEM system architect
OEM cybersecurity architect
OEM diagnostic expert
OEM backend/cloud owner
OEM PKI/key management owner
Supplier system architect
Supplier cybersecurity engineer
Supplier software architect
Supplier hardware/platform owner
Tooling/ALM owner
TARA/residual-risk approver

Pre-Read Material

site/index.html
site/product-understanding.html
site/interfaces.html
site/cybersecurity.html
site/architecture.html
site/open-decisions.html
customer_review/customer_clarification_questions.md
customer_review/customer_readiness_summary.md

Meeting Structure

Clarification questions: 64 total; P1=10, P2=0, P3=54.
Block 1: Product and Boundary.
Block 2: Interfaces and Data Flows.
Block 3: Security Concept and Assets.
Block 4: Diagnostics / Update / PKI.
Block 5: Ownership and Operations.
Block 6: TARA / Residual Risk.

Product Understanding Review

Confirm product identity, vehicle/ECU context, operational need, and what the requirements do not prove.

System Boundary Review

Confirm item boundary, adjacent ECUs, customer/OEM systems, supplier responsibilities, and assumed deployment zones.

Interface Review

Confirm external/internal interfaces, protocols, data exchanged, owner, trust-boundary crossing, and required protection.

Security Concept Review

Confirm assets, attack surfaces, security goals, expected controls, lifecycle responsibilities, and ownership of PKI, diagnostics, update, logging, monitoring, and incident response.

Architecture Review

Walk through context, logical architecture, cybersecurity architecture, trust boundaries, data flows, and unresolved assumptions as tracked review items.

Decision Capture Rules

Do not treat unanswered clarification questions as confirmed requirements.
Do not convert assumptions into explicit requirements unless a customer answer supports it.
Every customer answer must reference a Question ID.
Every decision must include owner, status, affected baseline areas, and evidence or meeting reference.
Every post-workshop baseline update must show before state, after state, delta impact, and remaining open points.

Expected Outputs

Completed customer answer capture sheet.
Decision log with owner and status for each answered item.
New questions created during the workshop.
Agreement on which assumptions remain tracked and which baseline areas require update.

Post-Workshop Update Process

1. Save customer answers under customer-input/customer-answers/. 2. Run python scripts/ingest_customer_answers.py. 3. Run python scripts/update_baseline_from_customer_answers.py. 4. Re-run synthesis, site generation, validation, and evidence export. 5. Review post-workshop deltas before claiming any customer-approved baseline state.

Clarification Priority Matrix

Generated: 2026-06-20T16:56:36+00:00

Total questions: 64
P1 count: 10
P2 count: 0
P3 count: 54

Questions by Domain

Diagnostic and Service Access: 20
Network and External Interfaces: 1
Product/System Boundary: 43

Questions by Owner

Joint: 64

Questions by Impacted Architecture Area

Diagnostic access boundary / Secure Diagnostics: 20
External Interfaces / vehicle network boundary: 1
System boundary / item definition: 43

Sequenced Question Register

CQ-BOUNDARY-01

Priority: P1
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00006

CQ-BOUNDARY-04

Priority: P1
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00146

CQ-BOUNDARY-06

Priority: P1
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00175

CQ-BOUNDARY-16

Priority: P1
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00317

CQ-BOUNDARY-19

Priority: P1
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00338

CQ-BOUNDARY-23

Priority: P1
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00480

CQ-BOUNDARY-24

Priority: P1
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00488

CQ-BOUNDARY-28

Priority: P1
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ_UDS-0051

CQ-BOUNDARY-31

Priority: P1
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00634

CQ-BOUNDARY-38

Priority: P1
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00866

CQ-BOUNDARY-02

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ_SEC_0040

CQ-BOUNDARY-03

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ_SEC_0041

CQ-BOUNDARY-05

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: Req.ID-Description-6.22.1

CQ-BOUNDARY-07

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00190

CQ-BOUNDARY-08

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00246

CQ-BOUNDARY-09

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00250

CQ-BOUNDARY-10

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00272

CQ-BOUNDARY-11

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00278

CQ-BOUNDARY-12

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00279

CQ-BOUNDARY-13

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00284

CQ-BOUNDARY-14

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00292

CQ-BOUNDARY-15

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00294

CQ-BOUNDARY-17

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00335

CQ-BOUNDARY-18

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00337

CQ-BOUNDARY-20

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00343

CQ-BOUNDARY-21

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00378

CQ-BOUNDARY-22

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00420

CQ-BOUNDARY-25

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00492

CQ-BOUNDARY-26

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ_UDS-0041

CQ-BOUNDARY-27

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ_UDS-0049

CQ-BOUNDARY-29

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00563

CQ-BOUNDARY-30

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00588

CQ-BOUNDARY-32

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00652

CQ-BOUNDARY-33

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ_UDS-0135

CQ-BOUNDARY-34

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00704

CQ-BOUNDARY-35

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00785

CQ-BOUNDARY-36

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00843

CQ-BOUNDARY-37

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00859

CQ-BOUNDARY-39

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00932

CQ-BOUNDARY-40

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00947

CQ-BOUNDARY-41

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-00996

CQ-BOUNDARY-42

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-01013

CQ-BOUNDARY-43

Priority: P3
Workshop Block: Block 1: Product and Boundary
Decision Type: Product Boundary
Domain: Product/System Boundary
Recommended owner: Joint
Impacted architecture/security area: System boundary / item definition
Related requirement IDs: REQ-AUTO-01056

CQ-INTERFACE-01

Priority: P3
Workshop Block: Block 2: Interfaces and Data Flows
Decision Type: Interface
Domain: Network and External Interfaces
Recommended owner: Joint
Impacted architecture/security area: External Interfaces / vehicle network boundary
Related requirement IDs: req-6.3

CQ-DIAG-01

Priority: P3
Workshop Block: Block 4: Diagnostics / Update / PKI
Decision Type: Interface
Domain: Diagnostic and Service Access
Recommended owner: Joint
Impacted architecture/security area: Diagnostic access boundary / Secure Diagnostics
Related requirement IDs: REQ_UDS-0051

CQ-DIAG-02

Priority: P3
Workshop Block: Block 4: Diagnostics / Update / PKI
Decision Type: Interface
Domain: Diagnostic and Service Access
Recommended owner: Joint
Impacted architecture/security area: Diagnostic access boundary / Secure Diagnostics
Related requirement IDs: REQ_UDS-0051

CQ-DIAG-03

Priority: P3
Workshop Block: Block 4: Diagnostics / Update / PKI
Decision Type: Interface
Domain: Diagnostic and Service Access
Recommended owner: Joint
Impacted architecture/security area: Diagnostic access boundary / Secure Diagnostics
Related requirement IDs: REQ_UDS-0051

CQ-DIAG-04

Priority: P3
Workshop Block: Block 4: Diagnostics / Update / PKI
Decision Type: Interface
Domain: Diagnostic and Service Access
Recommended owner: Joint
Impacted architecture/security area: Diagnostic access boundary / Secure Diagnostics
Related requirement IDs: REQ_UDS-0305

CQ-DIAG-05

Priority: P3
Workshop Block: Block 4: Diagnostics / Update / PKI
Decision Type: Interface
Domain: Diagnostic and Service Access
Recommended owner: Joint
Impacted architecture/security area: Diagnostic access boundary / Secure Diagnostics
Related requirement IDs: REQ_UDS-0345

CQ-DIAG-06

Priority: P3
Workshop Block: Block 4: Diagnostics / Update / PKI
Decision Type: Interface
Domain: Diagnostic and Service Access
Recommended owner: Joint
Impacted architecture/security area: Diagnostic access boundary / Secure Diagnostics
Related requirement IDs: REQ_UDS-0346

CQ-DIAG-07

Priority: P3
Workshop Block: Block 4: Diagnostics / Update / PKI
Decision Type: Interface
Domain: Diagnostic and Service Access
Recommended owner: Joint
Impacted architecture/security area: Diagnostic access boundary / Secure Diagnostics
Related requirement IDs: REQ_UDS-0348

CQ-DIAG-08

Priority: P3
Workshop Block: Block 4: Diagnostics / Update / PKI
Decision Type: Interface
Domain: Diagnostic and Service Access
Recommended owner: Joint
Impacted architecture/security area: Diagnostic access boundary / Secure Diagnostics
Related requirement IDs: REQ_UDS-0349

CQ-DIAG-09

Priority: P3
Workshop Block: Block 4: Diagnostics / Update / PKI
Decision Type: Interface
Domain: Diagnostic and Service Access
Recommended owner: Joint
Impacted architecture/security area: Diagnostic access boundary / Secure Diagnostics
Related requirement IDs: REQ_UDS-0093

CQ-DIAG-10

Priority: P3
Workshop Block: Block 4: Diagnostics / Update / PKI
Decision Type: Interface
Domain: Diagnostic and Service Access
Recommended owner: Joint
Impacted architecture/security area: Diagnostic access boundary / Secure Diagnostics
Related requirement IDs: REQ_UDS-0295

CQ-DIAG-11

Priority: P3
Workshop Block: Block 4: Diagnostics / Update / PKI
Decision Type: Interface
Domain: Diagnostic and Service Access
Recommended owner: Joint
Impacted architecture/security area: Diagnostic access boundary / Secure Diagnostics
Related requirement IDs: REQ_UDS-0134

CQ-DIAG-12

Priority: P3
Workshop Block: Block 4: Diagnostics / Update / PKI
Decision Type: Interface
Domain: Diagnostic and Service Access
Recommended owner: Joint
Impacted architecture/security area: Diagnostic access boundary / Secure Diagnostics
Related requirement IDs: REQ_UDS-0136

CQ-DIAG-13

Priority: P3
Workshop Block: Block 4: Diagnostics / Update / PKI
Decision Type: Interface
Domain: Diagnostic and Service Access
Recommended owner: Joint
Impacted architecture/security area: Diagnostic access boundary / Secure Diagnostics
Related requirement IDs: REQ_UDS-0208

CQ-DIAG-14

Priority: P3
Workshop Block: Block 4: Diagnostics / Update / PKI
Decision Type: Interface
Domain: Diagnostic and Service Access
Recommended owner: Joint
Impacted architecture/security area: Diagnostic access boundary / Secure Diagnostics
Related requirement IDs: REQ_UDS-0215

CQ-DIAG-15

Priority: P3
Workshop Block: Block 4: Diagnostics / Update / PKI
Decision Type: Interface
Domain: Diagnostic and Service Access
Recommended owner: Joint
Impacted architecture/security area: Diagnostic access boundary / Secure Diagnostics
Related requirement IDs: REQ_UDS-0217

CQ-DIAG-16

Priority: P3
Workshop Block: Block 4: Diagnostics / Update / PKI
Decision Type: Interface
Domain: Diagnostic and Service Access
Recommended owner: Joint
Impacted architecture/security area: Diagnostic access boundary / Secure Diagnostics
Related requirement IDs: REQ_UDS-0218

CQ-DIAG-17

Priority: P3
Workshop Block: Block 4: Diagnostics / Update / PKI
Decision Type: Interface
Domain: Diagnostic and Service Access
Recommended owner: Joint
Impacted architecture/security area: Diagnostic access boundary / Secure Diagnostics
Related requirement IDs: REQ_UDS-0220

CQ-DIAG-18

Priority: P3
Workshop Block: Block 4: Diagnostics / Update / PKI
Decision Type: Interface
Domain: Diagnostic and Service Access
Recommended owner: Joint
Impacted architecture/security area: Diagnostic access boundary / Secure Diagnostics
Related requirement IDs: REQ_UDS-0221

CQ-DIAG-19

Priority: P3
Workshop Block: Block 4: Diagnostics / Update / PKI
Decision Type: Interface
Domain: Diagnostic and Service Access
Recommended owner: Joint
Impacted architecture/security area: Diagnostic access boundary / Secure Diagnostics
Related requirement IDs: REQ_UDS-0222

CQ-DIAG-20

Priority: P3
Workshop Block: Block 4: Diagnostics / Update / PKI
Decision Type: Interface
Domain: Diagnostic and Service Access
Recommended owner: Joint
Impacted architecture/security area: Diagnostic access boundary / Secure Diagnostics
Related requirement IDs: REQ_UDS-0003

Additional PDF Closure Overlay

Additional PDF closure analysis generated: 2026-06-20T16:56:49+00:00
Answered by additional PDFs: 0
Partially answered by additional PDFs: 0
Introduced by additional PDFs: 64
Still requiring customer decision: 64
Current P1: 10

Closed questions are not deleted; closure history is in customer_review/clarification_status_updated.md.

Questions Grouped by Workshop Block

Customer Clarification Questions

Generated: 2026-06-20T16:56:36+00:00

Total clarification questions: 64

Product/System Boundary

CQ-BOUNDARY-01

Question: Confirm the customer decision needed to baseline this requirement item: Note: The vehicle manufacturer and supplier shall collaboratively define the context of the system or function to enable the supplier performing th.... This affects product/system boundary scope, supplier positioning, and traceability status.
Priority: P1
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Blocks architecture baseline
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00006
Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 5
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Not Applicable
Rationale: Requirement was not low-confidence in the extracted baseline.
Classification: Needs Customer Clarification

CQ-BOUNDARY-04

Question: Confirm the customer decision needed to baseline this requirement item: Message contents to be agreed with Traton 6.9 ECA identification number: The ECA shall report a unique ECA individual identification number 6.10 Su.... This affects product/system boundary scope, supplier positioning, and traceability status.
Priority: P1
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Blocks architecture baseline
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00146
Source Markdown: converted/markdown-cleaned/3299216_1.md page 23
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Not Applicable
Rationale: Requirement was not low-confidence in the extracted baseline.
Classification: Needs Customer Clarification

CQ-BOUNDARY-06

Question: Confirm the customer decision needed to baseline this requirement item: Internally stored parameters may be accessible only using supplier defined tools .. This affects product/system boundary scope, supplier positioning, and traceability status.
Priority: P1
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Blocks architecture baseline
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00175
Source Markdown: converted/markdown-cleaned/3299216_1.md page 27
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Constraint
Rationale: The source text is weakly extracted but carries design or operational constraint value.
Classification: Needs Customer Clarification

CQ-BOUNDARY-16

Question: Confirm whether this software-update/bootloader item is binding for the ECA ECU baseline or informative guidance: It should be possible to reuse the generic bootloader for future currently unknown purposes/applications without a need to create a new part number.... This affects bootloader/update design scope, diagnostic programming behavior, verification evidence, and supplier effort estimation.
Priority: P1
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Blocks architecture baseline
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00317
Source Markdown: converted/markdown-cleaned/CVS123-2.md page 10
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Not Applicable
Rationale: Requirement was not low-confidence in the extracted baseline.
Classification: Needs Customer Clarification

CQ-BOUNDARY-19

Question: Confirm whether this software-update/bootloader item is binding for the ECA ECU baseline or informative guidance: SUV2_INFO 52 Since Link Control is only applicable in production when no application has been programmed by the supplier, the application may retur.... This affects bootloader/update design scope, diagnostic programming behavior, verification evidence, and supplier effort estimation.
Priority: P1
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Blocks architecture baseline
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00338
Source Markdown: converted/markdown-cleaned/CVS123-2.md page 15
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Constraint
Rationale: The source text is weakly extracted but carries design or operational constraint value.
Classification: Needs Customer Clarification

CQ-BOUNDARY-23

Question: Confirm whether this software-update/bootloader item is binding for the ECA ECU baseline or informative guidance: SUV2_INFO 134 The received data to decrypt may only be parts of a software module and it will be based on the range defined.. This affects bootloader/update design scope, diagnostic programming behavior, verification evidence, and supplier effort estimation.
Priority: P1
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Blocks architecture baseline
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00480
Source Markdown: converted/markdown-cleaned/CVS123-2.md page 42
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Constraint
Rationale: The source text is weakly extracted but carries design or operational constraint value.
Classification: Needs Customer Clarification

CQ-BOUNDARY-24

Question: Confirm the customer decision needed to baseline this requirement item: 4 Terms, definitions and abbreviations 4.1 Terms Table 1 – Definition of Terms Term Definition Shall This word, or the terms "Required" or "Must",.... This affects product/system boundary scope, supplier positioning, and traceability status.
Priority: P1
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Blocks architecture baseline
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00488
Source Markdown: converted/markdown-cleaned/CVS124.md page 6
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Not Applicable
Rationale: Requirement was not low-confidence in the extracted baseline.
Classification: Needs Customer Clarification

CQ-BOUNDARY-28

Question: Confirm whether this software-update/bootloader item is binding for the ECA ECU baseline or informative guidance: Internal Page 26 (90) Diagnostics Service Diag Safe state check Application Boot loader TransferData (0x36) M - RequestFileTransfer (0x38) M - C1 =.... This affects bootloader/update design scope, diagnostic programming behavior, verification evidence, and supplier effort estimation.
Priority: P1
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Blocks architecture baseline
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ_UDS-0051
Source Markdown: converted/markdown-cleaned/CVS124.md page 26
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Not Applicable
Rationale: Requirement was not low-confidence in the extracted baseline.
Classification: Needs Customer Clarification

CQ-BOUNDARY-31

Question: Confirm the customer decision needed to baseline this requirement item: Internal Page 52 (90) Byte Description Range Resolu tion This byte shall be set to value 2 and is used to identify the response structure variant #.... This affects product/system boundary scope, supplier positioning, and traceability status.
Priority: P1
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Blocks architecture baseline
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00634
Source Markdown: converted/markdown-cleaned/CVS124.md page 52
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Not Applicable
Rationale: Requirement was not low-confidence in the extracted baseline.
Classification: Needs Customer Clarification

CQ-BOUNDARY-38

Question: Confirm the customer decision needed to baseline this requirement item: 3.2 DSC ASN.1 definition DSC_BASE_REQ 41 The structure version for this document release shall be: Major ‘04’ and Minor ‘00’ DSC_BASE_REQ 42 The se.... This affects product/system boundary scope, supplier positioning, and traceability status.
Priority: P1
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Blocks architecture baseline
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00866
Source Markdown: converted/markdown-cleaned/CVS154.md page 9
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Not Applicable
Rationale: Requirement was not low-confidence in the extracted baseline.
Classification: Needs Customer Clarification

CQ-BOUNDARY-02

Question: Confirm whether this source item is binding for the ECA ECU baseline or only informative guidance: REQ_SEC_0040 The vehicle manufacturer reserves the right to perform penetration testing on the ECU to identify potential vulnerabilities.. This affects whether RFQX treats it as supplier scope, assumption, or evidence-only context.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ_SEC_0040
Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 6
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-03

Question: Confirm whether this source item is binding for the ECA ECU baseline or only informative guidance: REQ_SEC_0041 The vehicle manufacturer reserves the right to request documentation and evidence as well as to perform or order a compliance audit to.... This affects whether RFQX treats it as supplier scope, assumption, or evidence-only context.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ_SEC_0041
Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md page 7
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-05

Question: Confirm whether this source item is binding for the ECA ECU baseline or only informative guidance: Req.ID Description 6.22.1 Wrong rotation direction 6.22.2 Short circuit / open load on the phases 6.22.3 Motor rotation feedback, short circuit / o.... This affects whether RFQX treats it as supplier scope, assumption, or evidence-only context.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: Req.ID-Description-6.22.1
Source Markdown: converted/markdown-cleaned/3299216_1.md page 25
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-07

Question: Confirm the customer decision needed to baseline this requirement item: 7.17 Umax: - - 32/36/48 A Specific test relations TBD 7.18 Umin: 16 - - V CVS41 limits may go below this value.. This affects product/system boundary scope, supplier positioning, and traceability status.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00190
Source Markdown: converted/markdown-cleaned/3299216_1.md page 29
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-08

Question: Confirm the customer decision needed to baseline this requirement item: Reduced versions of test procedure II may be agreed and used during various tests.. This affects product/system boundary scope, supplier positioning, and traceability status.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00246
Source Markdown: converted/markdown-cleaned/3299216_1.md page 41
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-09

Question: Confirm the customer decision needed to baseline this requirement item: Y 10.7.28 CVS46 §5.2 Vehicle test RE: Emitted interference of the complete vehicle Y 10.7.29 CVS46 §5.2.1 Vehicle test RE: Protection of receivers.... This affects product/system boundary scope, supplier positioning, and traceability status.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00250
Source Markdown: converted/markdown-cleaned/3299216_1.md page 47
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-10

Question: Confirm the customer decision needed to baseline this requirement item: Unless otherwise stated, valid version is the latest available as of 1st May 2026.. This affects product/system boundary scope, supplier positioning, and traceability status.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00272
Source Markdown: converted/markdown-cleaned/3299216_1.md page 52
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-11

Question: Confirm whether this source item is binding for the ECA ECU baseline or only informative guidance: This needs to be checked with the first test run and if necessary the test cycle used in profile B needs to be changed.. This affects whether RFQX treats it as supplier scope, assumption, or evidence-only context.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00278
Source Markdown: converted/markdown-cleaned/3299216_1.md page 61
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-12

Question: Confirm whether this software-update/bootloader item is binding for the ECA ECU baseline or informative guidance: TRATON Software Update Variant 2 (SUV2) sequence Foreword This Commercial Vehicle Standard (“CVS123-2”) contains requirement specifications for TRA.... This affects bootloader/update design scope, diagnostic programming behavior, verification evidence, and supplier effort estimation.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00279
Source Markdown: converted/markdown-cleaned/CVS123-2.md page 1
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-13

Question: Confirm whether this software-update/bootloader item is binding for the ECA ECU baseline or informative guidance: Clients may prefer to implement programming support using other service parameter values or even another set of programming steps than. This affects bootloader/update design scope, diagnostic programming behavior, verification evidence, and supplier effort estimation.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00284
Source Markdown: converted/markdown-cleaned/CVS123-2.md page 4
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-14

Question: Confirm whether this software-update/bootloader item is binding for the ECA ECU baseline or informative guidance: The value of this variable (and C2, see below) may be used by the boot manager to determine whether to start the application or the boot loader.. This affects bootloader/update design scope, diagnostic programming behavior, verification evidence, and supplier effort estimation.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00292
Source Markdown: converted/markdown-cleaned/CVS123-2.md page 6
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-15

Question: Confirm the customer decision needed to baseline this requirement item: The value of this variable (and C1, see above) may be used by the boot manager to determine whether or not to start the application or the boot loa.... This affects product/system boundary scope, supplier positioning, and traceability status.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00294
Source Markdown: converted/markdown-cleaned/CVS123-2.md page 6
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-17

Question: Confirm whether this software-update/bootloader item is binding for the ECA ECU baseline or informative guidance: SUV2_INFO 35 As example, the client may read certificate validity time and/or RBAC configuration file to verify if the appropriate entities are sto.... This affects bootloader/update design scope, diagnostic programming behavior, verification evidence, and supplier effort estimation.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00335
Source Markdown: converted/markdown-cleaned/CVS123-2.md page 14
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-18

Question: Confirm the customer decision needed to baseline this requirement item: Alternatively, it may be a client strategy to always update certain entities prior to a software update.. This affects product/system boundary scope, supplier positioning, and traceability status.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00337
Source Markdown: converted/markdown-cleaned/CVS123-2.md page 14
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-20

Question: Confirm whether this software-update/bootloader item is binding for the ECA ECU baseline or informative guidance: SUV2_INFO 82 Implementation hint: The integrity information may contain parts of memory not programmed, regardless of this the server verifies the.... This affects bootloader/update design scope, diagnostic programming behavior, verification evidence, and supplier effort estimation.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00343
Source Markdown: converted/markdown-cleaned/CVS123-2.md page 19
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-21

Question: Confirm whether this software-update/bootloader item is binding for the ECA ECU baseline or informative guidance: SUV2_INFO 107 In order to satisfy stability requirements, the erasing of the boot loader may require that the old boot loader is copied into anothe.... This affects bootloader/update design scope, diagnostic programming behavior, verification evidence, and supplier effort estimation.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00378
Source Markdown: converted/markdown-cleaned/CVS123-2.md page 24
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-22

Question: Confirm whether this software-update/bootloader item is binding for the ECA ECU baseline or informative guidance: SUV2_INFO 113 In order to satisfy stability requirements, the erasing of the boot loader may require that the current boot loader be copied into an.... This affects bootloader/update design scope, diagnostic programming behavior, verification evidence, and supplier effort estimation.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00420
Source Markdown: converted/markdown-cleaned/CVS123-2.md page 32
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-25

Question: Confirm the customer decision needed to baseline this requirement item: May This word, or the adjective “Optional”, means that an item is truly optional.. This affects product/system boundary scope, supplier positioning, and traceability status.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00492
Source Markdown: converted/markdown-cleaned/CVS124.md page 6
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-26

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: REQ_UDS 0041 The default diagnostic session is referred to as “defaultSession”.. This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ_UDS-0041
Source Markdown: converted/markdown-cleaned/CVS124.md page 23
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-27

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: REQ_UDS 0049 Diagnostics safe state is the following conditions that needs be satisfied to ensure vehicle is not in operation while performing cert.... This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ_UDS-0049
Source Markdown: converted/markdown-cleaned/CVS124.md page 25
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-29

Question: Confirm whether this source item is binding for the ECA ECU baseline or only informative guidance: Its upto the ECU to include the conditions that are relevant for that particular ECU, but needs to be agreed with Vehicle Manufacturer.. This affects whether RFQX treats it as supplier scope, assumption, or evidence-only context.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00563
Source Markdown: converted/markdown-cleaned/CVS124.md page 32
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-30

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: INFO_UDS 0014 A functionally addressed TesterPresent may arrive at any time during another request.. This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00588
Source Markdown: converted/markdown-cleaned/CVS124.md page 37
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-32

Question: Confirm whether this software-update/bootloader item is binding for the ECA ECU baseline or informative guidance: INFO_UDS 0017 In order to satisfy stability requirements, the erasing of the boot loader may require that the old boot loader is copied into anothe.... This affects bootloader/update design scope, diagnostic programming behavior, verification evidence, and supplier effort estimation.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00652
Source Markdown: converted/markdown-cleaned/CVS124.md page 57
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-33

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: 5.5.18.2 Request parameter subFunction REQ_UDS 0135 Refer to CVS31 .. This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ_UDS-0135
Source Markdown: converted/markdown-cleaned/CVS124.md page 64
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-34

Question: Confirm whether this software-update/bootloader item is binding for the ECA ECU baseline or informative guidance: INFO_UDS 0020 In order to satisfy stability requirements, the erasing of the boot loader may require that the current boot loader be copied into an.... This affects bootloader/update design scope, diagnostic programming behavior, verification evidence, and supplier effort estimation.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00704
Source Markdown: converted/markdown-cleaned/CVS124.md page 69
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-35

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: RBAC for diagnostics Foreword This Commercial Vehicle Standard (“CVS151”) contains requirement specifications for TRATON Group and may be referred.... This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00785
Source Markdown: converted/markdown-cleaned/CVS151.md page 1
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-36

Question: Confirm the customer decision needed to baseline this requirement item: Data Security Container base definition Foreword This Commercial Vehicle Standard (“CVS154”) contains requirement specifications for TRATON Group a.... This affects product/system boundary scope, supplier positioning, and traceability status.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00843
Source Markdown: converted/markdown-cleaned/CVS154.md page 1
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-37

Question: Confirm the customer decision needed to baseline this requirement item: However, the instance specification may state specialized actions: • Server processes each VerificationEntry one by one.. This affects product/system boundary scope, supplier positioning, and traceability status.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00859
Source Markdown: converted/markdown-cleaned/CVS154.md page 6
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-39

Question: Confirm whether this source item is binding for the ECA ECU baseline or only informative guidance: AUTH_INFO 133 If the server is unable to delete the client’s authentication state or cannot retrieve it due to internal errors, the server responds.... This affects whether RFQX treats it as supplier scope, assumption, or evidence-only context.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00932
Source Markdown: converted/markdown-cleaned/CVS31.md page 16
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-40

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: While the ECU-Diagnostic Role extension specifies the roles assigned to a client, the D-RBACC extension may both grant additional permissions and r.... This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00947
Source Markdown: converted/markdown-cleaned/CVS31.md page 18
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-41

Question: Confirm the customer decision needed to baseline this requirement item: (There may be more than one authentication state).. This affects product/system boundary scope, supplier positioning, and traceability status.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-00996
Source Markdown: converted/markdown-cleaned/CVS32.md page 6
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-42

Question: Confirm the customer decision needed to baseline this requirement item: SDT_REQ 19 The client may alter the CipherScheme between SDT requests within the same SDT sequence.. This affects product/system boundary scope, supplier positioning, and traceability status.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-01013
Source Markdown: converted/markdown-cleaned/CVS32.md page 10
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

CQ-BOUNDARY-43

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: The SDT positive response may of course contain an encapsulated negative UDS response.. This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Product Boundary
Workshop Block: Block 1: Product and Boundary
Why it matters: Product boundary drives every architecture, TARA, traceability, and acceptance decision.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unresolved boundary can invalidate asset allocation, interface scope, and residual-risk agreement.
Related requirement IDs: REQ-AUTO-01056
Source Markdown: converted/markdown-cleaned/CVS32.md page 18
Related architecture/security element: System boundary / item definition
Recommended owner: Joint
Current RFQX status: Reclassified as Assumption
Rationale: The source uses permissive language or weak extraction, so it is not treated as a confirmed requirement.
Classification: Needs Customer Clarification

Network and External Interfaces

CQ-INTERFACE-01

Question: Confirm whether this source item is binding for the ECA ECU baseline or only informative guidance: The signal is valid during Control Modes RPC and TC(see req 6.3).. This affects whether RFQX treats it as supplier scope, assumption, or evidence-only context.
Priority: P3
Decision Type: Interface
Workshop Block: Block 2: Interfaces and Data Flows
Why it matters: Security controls must be allocated at each real boundary, not a generic interface list.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Interface attack surfaces may be missed or over-specified.
Related requirement IDs: req-6.3
Source Markdown: converted/markdown-cleaned/3299216_1.md page 22
Related architecture/security element: External Interfaces / vehicle network boundary
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

Diagnostic and Service Access

CQ-DIAG-01

Question: Confirm whether this software-update/bootloader item is binding for the ECA ECU baseline or informative guidance: More information on CVS124 REQ_UDS 0051 C2 Also referred to as “programming request” flag.. This affects bootloader/update design scope, diagnostic programming behavior, verification evidence, and supplier effort estimation.
Priority: P3
Decision Type: Interface
Workshop Block: Block 4: Diagnostics / Update / PKI
Why it matters: Diagnostics can unlock privileged ECU behavior and update paths.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unauthorized service access may remain untreated or impossible to verify.
Related requirement IDs: REQ_UDS-0051
Source Markdown: converted/markdown-cleaned/CVS123-2.md page 6
Related architecture/security element: Diagnostic access boundary / Secure Diagnostics
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-DIAG-02

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: More information on CVS124 REQ_UDS 0051 C3 Also referred to as “reprogrammed” flag.. This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Interface
Workshop Block: Block 4: Diagnostics / Update / PKI
Why it matters: Diagnostics can unlock privileged ECU behavior and update paths.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unauthorized service access may remain untreated or impossible to verify.
Related requirement IDs: REQ_UDS-0051
Source Markdown: converted/markdown-cleaned/CVS123-2.md page 6
Related architecture/security element: Diagnostic access boundary / Secure Diagnostics
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-DIAG-03

Question: Confirm whether this software-update/bootloader item is binding for the ECA ECU baseline or informative guidance: SUV2_INFO 66 Implementation hint: The server resets the “application valid” flag (C1, see CVS124 REQ_UDS 0051) before the erase process starts, to.... This affects bootloader/update design scope, diagnostic programming behavior, verification evidence, and supplier effort estimation.
Priority: P3
Decision Type: Interface
Workshop Block: Block 4: Diagnostics / Update / PKI
Why it matters: Diagnostics can unlock privileged ECU behavior and update paths.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unauthorized service access may remain untreated or impossible to verify.
Related requirement IDs: REQ_UDS-0051
Source Markdown: converted/markdown-cleaned/CVS123-2.md page 17
Related architecture/security element: Diagnostic access boundary / Secure Diagnostics
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-DIAG-04

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: INFO_UDS 0019 Description of the individual transitions as per Figure 2 -State Diagram is explained from REQ_UDS 0305 to REQ_UDS 0337.. This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Interface
Workshop Block: Block 4: Diagnostics / Update / PKI
Why it matters: Diagnostics can unlock privileged ECU behavior and update paths.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unauthorized service access may remain untreated or impossible to verify.
Related requirement IDs: REQ_UDS-0305
Source Markdown: converted/markdown-cleaned/CVS124.md page 27
Related architecture/security element: Diagnostic access boundary / Secure Diagnostics
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-DIAG-05

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: 5.5.5.1 Request REQ_UDS 0345 Refer to ISO 14229-1 for request format.. This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Interface
Workshop Block: Block 4: Diagnostics / Update / PKI
Why it matters: Diagnostics can unlock privileged ECU behavior and update paths.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unauthorized service access may remain untreated or impossible to verify.
Related requirement IDs: REQ_UDS-0345
Source Markdown: converted/markdown-cleaned/CVS124.md page 37
Related architecture/security element: Diagnostic access boundary / Secure Diagnostics
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-DIAG-06

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: 5.5.5.1.1 Request parameter DTCSettingType REQ_UDS 0346 Refer to ISO 14229-1 for request parameter DTCSettingType.. This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Interface
Workshop Block: Block 4: Diagnostics / Update / PKI
Why it matters: Diagnostics can unlock privileged ECU behavior and update paths.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unauthorized service access may remain untreated or impossible to verify.
Related requirement IDs: REQ_UDS-0346
Source Markdown: converted/markdown-cleaned/CVS124.md page 37
Related architecture/security element: Diagnostic access boundary / Secure Diagnostics
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-DIAG-07

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: 5.5.5.2 Positive response REQ_UDS 0348 Refer to ISO 14229-1 for positive response format and parameter.. This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Interface
Workshop Block: Block 4: Diagnostics / Update / PKI
Why it matters: Diagnostics can unlock privileged ECU behavior and update paths.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unauthorized service access may remain untreated or impossible to verify.
Related requirement IDs: REQ_UDS-0348
Source Markdown: converted/markdown-cleaned/CVS124.md page 38
Related architecture/security element: Diagnostic access boundary / Secure Diagnostics
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-DIAG-08

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: 5.5.5.3 Negative response REQ_UDS 0349 Refer to ISO 14229-1 for negative response format and codes.. This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Interface
Workshop Block: Block 4: Diagnostics / Update / PKI
Why it matters: Diagnostics can unlock privileged ECU behavior and update paths.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unauthorized service access may remain untreated or impossible to verify.
Related requirement IDs: REQ_UDS-0349
Source Markdown: converted/markdown-cleaned/CVS124.md page 38
Related architecture/security element: Diagnostic access boundary / Secure Diagnostics
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-DIAG-09

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: REQ_UDS 0093 Additional client requests which start copying RAM buffer data into non-volatile memory are not allowed.. This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Interface
Workshop Block: Block 4: Diagnostics / Update / PKI
Why it matters: Diagnostics can unlock privileged ECU behavior and update paths.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unauthorized service access may remain untreated or impossible to verify.
Related requirement IDs: REQ_UDS-0093
Source Markdown: converted/markdown-cleaned/CVS124.md page 40
Related architecture/security element: Diagnostic access boundary / Secure Diagnostics
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-DIAG-10

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: 5.5.15 TransferData (0x36) service 5.5.15.1 Request REQ_UDS 0295. This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Interface
Workshop Block: Block 4: Diagnostics / Update / PKI
Why it matters: Diagnostics can unlock privileged ECU behavior and update paths.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unauthorized service access may remain untreated or impossible to verify.
Related requirement IDs: REQ_UDS-0295
Source Markdown: converted/markdown-cleaned/CVS124.md page 61
Related architecture/security element: Diagnostic access boundary / Secure Diagnostics
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-DIAG-11

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: 5.5.18.1 Request REQ_UDS 0134 Refer to CVS31 .. This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Interface
Workshop Block: Block 4: Diagnostics / Update / PKI
Why it matters: Diagnostics can unlock privileged ECU behavior and update paths.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unauthorized service access may remain untreated or impossible to verify.
Related requirement IDs: REQ_UDS-0134
Source Markdown: converted/markdown-cleaned/CVS124.md page 64
Related architecture/security element: Diagnostic access boundary / Secure Diagnostics
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-DIAG-12

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: 5.5.18.3 Positive response REQ_UDS 0136 Refer to CVS31 .. This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Interface
Workshop Block: Block 4: Diagnostics / Update / PKI
Why it matters: Diagnostics can unlock privileged ECU behavior and update paths.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unauthorized service access may remain untreated or impossible to verify.
Related requirement IDs: REQ_UDS-0136
Source Markdown: converted/markdown-cleaned/CVS124.md page 64
Related architecture/security element: Diagnostic access boundary / Secure Diagnostics
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-DIAG-13

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: REQ_UDS 0208 The timestamp is presented in SAE J1939-71 format without local hour/minute offsets.. This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Interface
Workshop Block: Block 4: Diagnostics / Update / PKI
Why it matters: Diagnostics can unlock privileged ECU behavior and update paths.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unauthorized service access may remain untreated or impossible to verify.
Related requirement IDs: REQ_UDS-0208
Source Markdown: converted/markdown-cleaned/CVS124.md page 81
Related architecture/security element: Diagnostic access boundary / Secure Diagnostics
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-DIAG-14

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: 5.7.4.1 Latest occurrence REQ_UDS 0215 The latest distance value is updated at a change of DTC status bits 0 (testFailed) and 3 REQ_UDS 0216 The la.... This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Interface
Workshop Block: Block 4: Diagnostics / Update / PKI
Why it matters: Diagnostics can unlock privileged ECU behavior and update paths.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unauthorized service access may remain untreated or impossible to verify.
Related requirement IDs: REQ_UDS-0215
Source Markdown: converted/markdown-cleaned/CVS124.md page 82
Related architecture/security element: Diagnostic access boundary / Secure Diagnostics
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-DIAG-15

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: 5.7.4.2 First occurrence REQ_UDS 0217 The first distance value is updated at the first change of DTC status bits 0 (testFailed) and 3. This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Interface
Workshop Block: Block 4: Diagnostics / Update / PKI
Why it matters: Diagnostics can unlock privileged ECU behavior and update paths.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unauthorized service access may remain untreated or impossible to verify.
Related requirement IDs: REQ_UDS-0217
Source Markdown: converted/markdown-cleaned/CVS124.md page 82
Related architecture/security element: Diagnostic access boundary / Secure Diagnostics
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-DIAG-16

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: REQ_UDS 0218 The operational hours are presented by a four byte integer, big endian, with , half second per bit (0,5s/bit).. This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Interface
Workshop Block: Block 4: Diagnostics / Update / PKI
Why it matters: Diagnostics can unlock privileged ECU behavior and update paths.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unauthorized service access may remain untreated or impossible to verify.
Related requirement IDs: REQ_UDS-0218
Source Markdown: converted/markdown-cleaned/CVS124.md page 83
Related architecture/security element: Diagnostic access boundary / Secure Diagnostics
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-DIAG-17

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: 5.7.5.1 Latest occurrence REQ_UDS 0220 The latest operational hours value is updated at a change of DTC status bits 0 (testFailed) and 3 (confirmed.... This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Interface
Workshop Block: Block 4: Diagnostics / Update / PKI
Why it matters: Diagnostics can unlock privileged ECU behavior and update paths.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unauthorized service access may remain untreated or impossible to verify.
Related requirement IDs: REQ_UDS-0220
Source Markdown: converted/markdown-cleaned/CVS124.md page 83
Related architecture/security element: Diagnostic access boundary / Secure Diagnostics
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-DIAG-18

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: REQ_UDS 0221 The latest operational hours value is updated at a change of DTC status bit 0 (testFailed) from 0 to 1, if bit 3 (confirmedDTC) is 1 a.... This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Interface
Workshop Block: Block 4: Diagnostics / Update / PKI
Why it matters: Diagnostics can unlock privileged ECU behavior and update paths.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unauthorized service access may remain untreated or impossible to verify.
Related requirement IDs: REQ_UDS-0221
Source Markdown: converted/markdown-cleaned/CVS124.md page 83
Related architecture/security element: Diagnostic access boundary / Secure Diagnostics
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-DIAG-19

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: 5.7.5.2 First occurrence REQ_UDS 0222 The first operational hours value is updated at the first change of DTC status bits 0 (testFailed) and 3 (con.... This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Interface
Workshop Block: Block 4: Diagnostics / Update / PKI
Why it matters: Diagnostics can unlock privileged ECU behavior and update paths.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unauthorized service access may remain untreated or impossible to verify.
Related requirement IDs: REQ_UDS-0222
Source Markdown: converted/markdown-cleaned/CVS124.md page 83
Related architecture/security element: Diagnostic access boundary / Secure Diagnostics
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

CQ-DIAG-20

Question: Confirm the binding diagnostic behavior and service authorization expected for this item: Modified requirements: REQ_UDS 0003: Added semantic Identifier DIDs, changed the NodeUID DID to INTERNAL REQ_UDS 0034: Change in the length of Node.... This affects UDS service allocation, security-access roles, safe-state checks, and verification scope.
Priority: P3
Decision Type: Interface
Workshop Block: Block 4: Diagnostics / Update / PKI
Why it matters: Diagnostics can unlock privileged ECU behavior and update paths.
Impact if unresolved: Can remain as tracked assumption
Impact detail: Unauthorized service access may remain untreated or impossible to verify.
Related requirement IDs: REQ_UDS-0003
Source Markdown: converted/markdown-cleaned/CVS124.md page 90
Related architecture/security element: Diagnostic access boundary / Secure Diagnostics
Recommended owner: Joint
Current RFQX status: Reclassified as Informational
Rationale: The source wording is informational or grants/references a right rather than imposing a supplier SHALL requirement.
Classification: Needs Customer Clarification

Additional PDF Closure Overlay

Additional PDF closure analysis generated: 2026-06-20T16:56:49+00:00
Answered by additional PDFs: 0
Partially answered by additional PDFs: 0
Introduced by additional PDFs: 64
Still requiring customer decision: 64
Current P1: 10

Closed questions are not deleted; closure history is in customer_review/clarification_status_updated.md.

Workshop Agenda

Customer Workshop Agenda

Duration: 60-90 minutes

Objective

Confirm the product boundary, interfaces, security responsibilities, and evidence expectations needed to move the RFQX package from expert synthesis to customer-review baseline.

Participants

OEM/customer system owner
OEM/customer cybersecurity architect
Supplier system architect
Supplier cybersecurity architect
Diagnostic/update owner
Backend/SecOps or tooling owner where applicable

Pre-read

site/index.html
product_understanding/product_summary.md
architecture/architecture_overview.md
cybersecurity/security_concept_overview.md
traceability/traceability_gate_rationale.md
requirements/low_confidence_requirement_review.md

Discussion Blocks

1. 10 min: Confirm product/item boundary and customer review objective. 2. 15 min: Review external interfaces, diagnostic access, update/IVD, and PKI/key ownership. 3. 15 min: Review security architecture, assets, trust boundaries, logging, monitoring, backend/SecOps responsibilities. 4. 15 min: Review low-confidence closure and clarify which items are binding, informational, or out of scope. 5. 10 min: Review TARA/residual-risk expectations and approval authority. 6. 5-20 min: Agree actions, owners, and evidence updates.

Decision Points

Accepted item boundary and architecture scope.
Confirmed mandatory security capabilities and optional/reference-only items.
Confirmed owner for each open security and evidence responsibility.
Confirmed next evidence update and review cadence.

Required Outputs

Answered or owner-assigned clarification questions.
Updated architecture assumptions and traceability status.
Customer-approved next-step list for TARA and mechanism allocation.

Follow-up Actions

Update RFQX baseline with customer answers.
Re-run synthesis/site/evidence export.
Move gate from customer-clarification WARN only when decisions are documented.

Open Decision Register

Generated: 2026-06-20T16:56:36+00:00

All entries are open until a customer answer is captured and mapped through the post-workshop delta process.

Decision: D-001

Question ID: CQ-BOUNDARY-01
Decision statement: Confirm disposition for CQ-BOUNDARY-01 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00006
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Blocks architecture baseline
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-002

Question ID: CQ-BOUNDARY-04
Decision statement: Confirm disposition for CQ-BOUNDARY-04 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00146
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Blocks architecture baseline
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-003

Question ID: CQ-BOUNDARY-06
Decision statement: Confirm disposition for CQ-BOUNDARY-06 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00175
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Blocks architecture baseline
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-004

Question ID: CQ-BOUNDARY-16
Decision statement: Confirm disposition for CQ-BOUNDARY-16 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00317
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Blocks architecture baseline
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-005

Question ID: CQ-BOUNDARY-19
Decision statement: Confirm disposition for CQ-BOUNDARY-19 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00338
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Blocks architecture baseline
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-006

Question ID: CQ-BOUNDARY-23
Decision statement: Confirm disposition for CQ-BOUNDARY-23 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00480
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Blocks architecture baseline
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-007

Question ID: CQ-BOUNDARY-24
Decision statement: Confirm disposition for CQ-BOUNDARY-24 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00488
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Blocks architecture baseline
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-008

Question ID: CQ-BOUNDARY-28
Decision statement: Confirm disposition for CQ-BOUNDARY-28 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0051
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Blocks architecture baseline
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-009

Question ID: CQ-BOUNDARY-31
Decision statement: Confirm disposition for CQ-BOUNDARY-31 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00634
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Blocks architecture baseline
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-010

Question ID: CQ-BOUNDARY-38
Decision statement: Confirm disposition for CQ-BOUNDARY-38 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00866
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Blocks architecture baseline
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-011

Question ID: CQ-BOUNDARY-02
Decision statement: Confirm disposition for CQ-BOUNDARY-02 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_SEC_0040
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-012

Question ID: CQ-BOUNDARY-03
Decision statement: Confirm disposition for CQ-BOUNDARY-03 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_SEC_0041
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-013

Question ID: CQ-BOUNDARY-05
Decision statement: Confirm disposition for CQ-BOUNDARY-05 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: Req.ID-Description-6.22.1
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-014

Question ID: CQ-BOUNDARY-07
Decision statement: Confirm disposition for CQ-BOUNDARY-07 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00190
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-015

Question ID: CQ-BOUNDARY-08
Decision statement: Confirm disposition for CQ-BOUNDARY-08 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00246
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-016

Question ID: CQ-BOUNDARY-09
Decision statement: Confirm disposition for CQ-BOUNDARY-09 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00250
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-017

Question ID: CQ-BOUNDARY-10
Decision statement: Confirm disposition for CQ-BOUNDARY-10 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00272
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-018

Question ID: CQ-BOUNDARY-11
Decision statement: Confirm disposition for CQ-BOUNDARY-11 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00278
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-019

Question ID: CQ-BOUNDARY-12
Decision statement: Confirm disposition for CQ-BOUNDARY-12 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00279
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-020

Question ID: CQ-BOUNDARY-13
Decision statement: Confirm disposition for CQ-BOUNDARY-13 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00284
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-021

Question ID: CQ-BOUNDARY-14
Decision statement: Confirm disposition for CQ-BOUNDARY-14 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00292
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-022

Question ID: CQ-BOUNDARY-15
Decision statement: Confirm disposition for CQ-BOUNDARY-15 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00294
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-023

Question ID: CQ-BOUNDARY-17
Decision statement: Confirm disposition for CQ-BOUNDARY-17 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00335
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-024

Question ID: CQ-BOUNDARY-18
Decision statement: Confirm disposition for CQ-BOUNDARY-18 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00337
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-025

Question ID: CQ-BOUNDARY-20
Decision statement: Confirm disposition for CQ-BOUNDARY-20 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00343
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-026

Question ID: CQ-BOUNDARY-21
Decision statement: Confirm disposition for CQ-BOUNDARY-21 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00378
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-027

Question ID: CQ-BOUNDARY-22
Decision statement: Confirm disposition for CQ-BOUNDARY-22 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00420
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-028

Question ID: CQ-BOUNDARY-25
Decision statement: Confirm disposition for CQ-BOUNDARY-25 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00492
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-029

Question ID: CQ-BOUNDARY-26
Decision statement: Confirm disposition for CQ-BOUNDARY-26 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0041
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-030

Question ID: CQ-BOUNDARY-27
Decision statement: Confirm disposition for CQ-BOUNDARY-27 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0049
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-031

Question ID: CQ-BOUNDARY-29
Decision statement: Confirm disposition for CQ-BOUNDARY-29 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00563
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-032

Question ID: CQ-BOUNDARY-30
Decision statement: Confirm disposition for CQ-BOUNDARY-30 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00588
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-033

Question ID: CQ-BOUNDARY-32
Decision statement: Confirm disposition for CQ-BOUNDARY-32 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00652
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-034

Question ID: CQ-BOUNDARY-33
Decision statement: Confirm disposition for CQ-BOUNDARY-33 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0135
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-035

Question ID: CQ-BOUNDARY-34
Decision statement: Confirm disposition for CQ-BOUNDARY-34 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00704
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-036

Question ID: CQ-BOUNDARY-35
Decision statement: Confirm disposition for CQ-BOUNDARY-35 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00785
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-037

Question ID: CQ-BOUNDARY-36
Decision statement: Confirm disposition for CQ-BOUNDARY-36 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00843
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-038

Question ID: CQ-BOUNDARY-37
Decision statement: Confirm disposition for CQ-BOUNDARY-37 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00859
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-039

Question ID: CQ-BOUNDARY-39
Decision statement: Confirm disposition for CQ-BOUNDARY-39 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00932
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-040

Question ID: CQ-BOUNDARY-40
Decision statement: Confirm disposition for CQ-BOUNDARY-40 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00947
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-041

Question ID: CQ-BOUNDARY-41
Decision statement: Confirm disposition for CQ-BOUNDARY-41 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-00996
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-042

Question ID: CQ-BOUNDARY-42
Decision statement: Confirm disposition for CQ-BOUNDARY-42 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-01013
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-043

Question ID: CQ-BOUNDARY-43
Decision statement: Confirm disposition for CQ-BOUNDARY-43 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ-AUTO-01056
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: System boundary / item definition
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-044

Question ID: CQ-INTERFACE-01
Decision statement: Confirm disposition for CQ-INTERFACE-01 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: req-6.3
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: External Interfaces / vehicle network boundary
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-045

Question ID: CQ-DIAG-01
Decision statement: Confirm disposition for CQ-DIAG-01 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0051
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: Diagnostic access boundary / Secure Diagnostics
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-046

Question ID: CQ-DIAG-02
Decision statement: Confirm disposition for CQ-DIAG-02 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0051
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: Diagnostic access boundary / Secure Diagnostics
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-047

Question ID: CQ-DIAG-03
Decision statement: Confirm disposition for CQ-DIAG-03 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0051
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: Diagnostic access boundary / Secure Diagnostics
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-048

Question ID: CQ-DIAG-04
Decision statement: Confirm disposition for CQ-DIAG-04 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0305
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: Diagnostic access boundary / Secure Diagnostics
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-049

Question ID: CQ-DIAG-05
Decision statement: Confirm disposition for CQ-DIAG-05 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0345
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: Diagnostic access boundary / Secure Diagnostics
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-050

Question ID: CQ-DIAG-06
Decision statement: Confirm disposition for CQ-DIAG-06 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0346
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: Diagnostic access boundary / Secure Diagnostics
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-051

Question ID: CQ-DIAG-07
Decision statement: Confirm disposition for CQ-DIAG-07 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0348
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: Diagnostic access boundary / Secure Diagnostics
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-052

Question ID: CQ-DIAG-08
Decision statement: Confirm disposition for CQ-DIAG-08 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0349
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: Diagnostic access boundary / Secure Diagnostics
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-053

Question ID: CQ-DIAG-09
Decision statement: Confirm disposition for CQ-DIAG-09 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0093
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: Diagnostic access boundary / Secure Diagnostics
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-054

Question ID: CQ-DIAG-10
Decision statement: Confirm disposition for CQ-DIAG-10 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0295
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: Diagnostic access boundary / Secure Diagnostics
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-055

Question ID: CQ-DIAG-11
Decision statement: Confirm disposition for CQ-DIAG-11 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0134
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: Diagnostic access boundary / Secure Diagnostics
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-056

Question ID: CQ-DIAG-12
Decision statement: Confirm disposition for CQ-DIAG-12 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0136
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: Diagnostic access boundary / Secure Diagnostics
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-057

Question ID: CQ-DIAG-13
Decision statement: Confirm disposition for CQ-DIAG-13 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0208
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: Diagnostic access boundary / Secure Diagnostics
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-058

Question ID: CQ-DIAG-14
Decision statement: Confirm disposition for CQ-DIAG-14 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0215
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: Diagnostic access boundary / Secure Diagnostics
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-059

Question ID: CQ-DIAG-15
Decision statement: Confirm disposition for CQ-DIAG-15 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0217
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: Diagnostic access boundary / Secure Diagnostics
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-060

Question ID: CQ-DIAG-16
Decision statement: Confirm disposition for CQ-DIAG-16 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0218
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: Diagnostic access boundary / Secure Diagnostics
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-061

Question ID: CQ-DIAG-17
Decision statement: Confirm disposition for CQ-DIAG-17 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0220
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: Diagnostic access boundary / Secure Diagnostics
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-062

Question ID: CQ-DIAG-18
Decision statement: Confirm disposition for CQ-DIAG-18 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0221
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: Diagnostic access boundary / Secure Diagnostics
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-063

Question ID: CQ-DIAG-19
Decision statement: Confirm disposition for CQ-DIAG-19 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0222
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: Diagnostic access boundary / Secure Diagnostics
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.

Decision: D-064

Question ID: CQ-DIAG-20
Decision statement: Confirm disposition for CQ-DIAG-20 in the RFQX baseline.
Decision status: Open
Decision owner: Joint
Affected requirement IDs: REQ_UDS-0003
Affected feature IDs: To be determined from post-workshop impact.
Affected interface IDs: To be determined from post-workshop impact.
Affected security capability IDs: To be determined from post-workshop impact.
Affected architecture elements: Diagnostic access boundary / Secure Diagnostics
Baseline impact: Can remain as tracked assumption
Follow-up required: yes
Evidence / meeting reference: Pending workshop minutes.